4.3
CVE-2024-37233 - WordPress Play.ht plugin <= 3.6.4 - Broken Access Control vulnerability
Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Play.Ht: from n/a through 3.6.4.
5.3
CVE-2024-3264 - Broken or Risky Cryptographic Algorithm in Mia Technology's Mia-Med Health Aplication
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Signature Spoofing by Improper Validation.This issue affects Mia-Med Health Aplication: before 1.0.14.
8.6
CVE-2024-37231 - WordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation.This issue affects Salon booking system: from n/a through 9.9.
10
CVE-2024-37228 - WordPress InstaWP Connect plugin <= 0.1.0.38 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.38.
7.5
CVE-2024-37111 - WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Denial of Service Attack vulnerability
Missing Authorization vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7.
7.5
CVE-2024-5862 - User Enumeration in Mia Technology's Mia-Med Health Aplication
Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation.This issue affects Mia-Med Health Aplication: before 1.0.14.
9.9
CVE-2024-37109 - WordPress WishList Member X plugin < 3.26.7 - Authenticated Arbitrary PHP Code Execution vulnerabilβ¦
Improper Control of Generation of Code ('Code Injection') vulnerability in Membership Software WishList Member X allows Code Injection.This issue affects WishList Member X: from n/a before 3.26.7.
8.8
CVE-2024-37107 - WordPress WishList Member X plugin < 3.26.7 - Authenticated Privilege Escalation vulnerability
Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation.This issue affects WishList Member X: from n/a before 3.26.7.
8.5
CVE-2024-37092 - WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
9.9
CVE-2024-37091 - WordPress Consulting Elementor Widgets plugin <= 1.3.0 - Remote Code Execution (RCE) vulnerability
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0; Mastersβ¦